Game-changing attack on critical infrastructure site causes outage

Power grid in Gowkthrapple, UK. (credit: geograph.org.uk)

Hackers who may have been working on behalf of a nation recently caused an operational outage at a critical-infrastructure site, researchers said Thursday. The attackers did so by using a novel piece of malware to target the system that prevents health- and life-threatening accidents.

The malware was most likely designed to cause physical damage inside the unnamed site, researchers from the Mandiant division of security firm FireEye said in a report. It worked by targeting a safety instrumented system, which the targeted facility and many other critical infrastructure sites use to prevent unsafe conditions from arising. The malware has been alternately named Triton and Trisis, because it targeted the Triconex product line made by Schneider Electric.

“Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems,” Mandiant researchers wrote. “The targeted systems provided emergency shutdown capability for industrial processes. We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shutdown operations.”

Read 7 remaining paragraphs | Comments

Hackers hit key ATM network in crime spree that clears $10 million

Enlarge / A timeline of MoneyTaker hacking group. (credit: Group-IB)

A previously undetected hacker group has netted around $10 million in heists on at least 20 companies, in some cases by targeting the transfer networks banks use to transfer money, a Moscow-based security firm said Monday.

Members of the MoneyTaker group, named after a piece of custom malware it uses, started its heist spree no later than May 2016. That’s when it penetrated an unnamed US bank, according to researchers with Group-IB in a report titled MoneyTaker: 1.5 Years of Silent Operations. The hackers then used their unauthorized access to control a workstation the bank used to connect to the First Data STAR Network, which more than 5,000 banks use to transact payments involving debit cards.

MoneyTaker members also targeted an interbank network known as AWS CBR which interfaces with Russia’s central bank. The hackers also stole internal documents related to the SWIFT banking system, although there’s no evidence they have successfully carried out attacks over it.

Read 4 remaining paragraphs | Comments

Review privacy email provider Posteo

Posteo is a paid privacy email provider based in Germany. I signed up with them after a recent Fastmail price increase and my concern about Fastmail being an Australian company with servers in the…

(This is a content summary, visit my website for the full article. Blog visitors keep me writing articles. Thank you for your support)

Bypass Internet censorship in Android with Psiphon

Psiphon is free open source application from a Canadian company helping out millions of people from all over the world bypass Internet filtering. The software acts like a proxy and hides your…

(This is a content summary, visit my website for the full article. Blog visitors keep me writing articles. Thank you for your support)

Man using HideMyAss VPN to harass ex-girlfriend arrested

A judge from Galveston County named Chris Dupuy has been forced out of office after being charged with online harassment for placing fake hooker advertisements with the photographs and phone numbers…

(This is a content summary, visit my website for the full article. Blog visitors keep me writing articles. Thank you for your support)

State Department Decides Not to Classify ‘Cyber Products’ as ‘Munitions’

This week, the U.S. Department of State’s Defense Trade Advisory Group (DTAG) met to decide whether to classify “cyber products” as munitions, placing them in the same export control regime as hand grenades and fighter planes. Thankfully, common sense won out and the DTAG recommended that “cyber products” not be added to the control list. EFF and Access Now filed a brief joint statement with the DTAG urging this outcome and we applaud the DTAG’s decision.

Read more…



Hackers Can Wirelessly Upload Malware to a Fitbit in 10 Seconds

Wearables are like hacker candy. They represent a new category of technology that’s capable of storing data—including malware—that people don’t expect to get pwned. But that’s exactly what just happened: Hackers figured out how to remotely upload malware to a Fitbit. It only takes ten seconds.

Read more…



Congress Is Trying to Ban Car Hacking In Every Possible Form

Today, the House Energy and Commerce Committee began safety hearings with a proposed bill to reform the National Highway Traffic Safety Administration. That bill contains a provision which completely outlaws car owners from hacking their own cars. Which a giant mistake.

Read more…



Hackers Targeted Hillary Clinton’s Private Servers (Obviously)

We’ve known for months that Hillary Clinton’s use of private email for official business was a security nightmare . Now we’re starting to learn a little bit about how that nightmare unfolded. Hackers from at least three countries targeted her servers after she left office in 2013.

Read more…



New Kardashian Websites Exposed Personal Data of Nearly a Million Users

Being famous for being famous isn’t easy. In tandem with the release of apps that let fans trade money for exclusive content, the Kardashian-Jenner sisters launched new websites this week. However, they left the personal data of some 891,340 users right out in the open. Oops.

Read more…



New Kardashian Websites Exposed Personal Data of Nearly a Million Users

Being famous for being famous isn’t easy. In tandem with the release of apps that let fans trade money for exclusive content, the Kardashian-Jenner sisters launched new websites this week. However, they left the personal data of some 891,340 users right out in the open. Oops.

Read more…



It Looks Like Ashley Madison Execs Hacked a Competing Dating Site in 2012

Karma’s a bitch. Hackers recently leaked the inbox of Ashley Madison CEO Noel Biderman (pictured above). Turns out Noel and his cronies have done some hacking of their own. The emails reveal that the company’s CTO hacked into a competing dating site back in November 2012. Biderman even asked him to steal emails.

Read more…



Social Media Auto Publish Powered By : XYZScripts.com